Pierluigi Paganini January 29, 2024

Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.”

Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia. The news was first reported by The Record Media. The hacktivists group is known for having launched DDoS attacks against Western organizations and Ukrainian government agencies. However, Ukrainian intelligence speculates that the group’s operations are directly controlled by the Kremlin.

The SBU revealed that the man was living in the city of Kharkiv (Ukraine) and was recruited by Russian intelligence via Telegram.

Police searched the man’s apartment and seized three mobile phones, a laptop, and a flash drive containing information that would substantiate the allegations.

Apart from conducting DDoS attacks, the man is suspected of disclosing strategic information to Russian intelligence. The information secretly provided to Moscow includes military secrets such as the locations of Ukrainian troops and military weaponry in the country.

Russian military used this information to coordinate recent missile strikes. If found guilty, the man could face up to 12 years in prison.

In early December, Ukraine’s SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv.

The surveillance cameras were located in residential buildings and were used to monitor the surrounding area and a parking lot. Once the state-sponsored hackers hacked the cameras, they used them to spy on the air defense and critical infrastructure in the same area. The camera used to monitor the parking lot was used to spy on the surrounding territory, including critical infrastructure facilities

The hackers changed the viewing angle and connected the cameras to the YouTube streaming platform.

The footage was used by the Russian army to support the missile strike on Kyiv on January 2.

Since the beginning of the Russian invasion of Ukraine, the SBU has disabled about 10,000 IR cameras, which the Russian army could use to adjust missile attacks on Ukraine.

The SBU calls to owners of surveillance cameras to stop online broadcasts from their devices, the agency also urges citizens to report detected footage from such cameras.

In October 2023, the SBU detained a Ukrainian man who had installed cameras on the streets of his city and passed information on Ukrainian military movements to Russian intelligence.

In March 2022, the SBU arrested a hacker who provided technical support to Russian troops during the invasion, the man provided mobile communication services inside the Ukrainian territory.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, SBU)